Data Security News Headlines 7th January, 2017

  1. Brazil’s largest news portals UOL and Folha hacked; redirected to RedTube

Friday morning all domains under UOL and Grupo Folha were redirected to a famous pornographic website RedTube. Grupo Folha is the third largest Brazilian media conglomerate whilst Universo Online (UOL) is a web content, products and services Brazilian firm. It belongs to Grupo Folha enterprise and one of the most visited websites in the country. According to report published in hackread, on Friday morning 9 am websites started redirecting its readers to RedTube and or Xvideos, another pornographic website. The hackers managed to break into the servers UOL and Folha, implementing a code that made all targeted websites redirect to the adult ones.  User had posted some tweets on official page with screenshots.

Cyber Security Tips: To protect from such hacking use secure code review, do vulnerability assessment and penetration testing, secure your server.

  1. Google Patches High Risk Vulnerability in Android Bootloader

A vulnerability recently addressed in Google’s January 2017 Android security bulletin was a denial of service (DoS) flaw in the bootloader, which could be exploited to target Nexus 6 and 6P custom boot modes, IBM security researchers reveal. CVE-2016-8467 and discovered by Roee Hay and Michael Goberman of IBM Security X-Force, the vulnerability allows an attacker to use either PC malware or malicious chargers to reboot the targeted smartphone and then implement a special boot configuration, or boot mode. Thus, the attacker can instruct Android to turn on various extra USB interfaces, as per report published in security week. According to IBM, one of the extra USB interfaces that an attacker could enable is the modem diagnostics interface, which would provide access to additional functionalities and allow the attacker to take over the Nexus 6 modem, “thus compromising confidentiality and integrity.

Cyber Security Tips:  Update your android with latest patches, always keep your application up to date.

 

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: